Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/337DC05E3F1711F1BF375FE8CE1D38B0.roa
File: 337DC05E3F1711F1BF375FE8CE1D38B0.roa (raw, json)
Hash identifier: ni7VMs1tKOWSy6hWGJ1lOapcq0YcDRXDgzdDdKvQ4ts=
Subject key identifier: C3:08:DE:BB:1F:93:21:9A:7F:59:2C:66:14:32:39:89:5D:25:21:AF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C6E5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/337DC05E3F1711F1BF375FE8CE1D38B0.roa
Signing time: Thu 23 Apr 2026 13:20:31 +0000
ROA not before: Thu 23 Apr 2026 13:20:26 +0000
ROA not after: Thu 28 May 2026 13:20:26 +0000
asID: 211687
IP address blocks: 154.193.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116453 (0x1c6e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 13:20:26 2026 GMT
Not After : May 28 13:20:26 2026 GMT
Subject: CN=69ea1c9f-35ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1b:93:04:73:2d:19:4f:78:20:c7:ba:6a:8b:
cb:c4:e9:d7:f3:4b:b9:71:e8:1f:85:1d:44:da:c3:
21:44:75:32:40:2b:56:8d:42:d2:af:31:7f:e3:9d:
e4:ca:e3:f7:19:cb:8c:8e:e6:31:07:dc:ee:3e:ac:
ed:93:fc:33:96:78:65:a2:a9:0c:50:06:8b:e9:b7:
e7:03:69:52:6b:02:b8:62:22:43:9f:97:d0:f8:43:
62:88:c8:ca:92:f5:c8:f5:9f:35:9a:81:27:95:de:
2d:52:15:3b:28:39:a7:70:79:3d:13:52:98:ca:b2:
3a:1b:b9:19:56:64:50:02:d7:23:94:70:a1:65:54:
72:52:66:f4:52:ff:33:69:e1:7b:0e:95:22:60:b5:
15:24:9b:23:02:78:82:d2:81:b2:44:80:f7:f4:aa:
8f:6b:4a:00:e2:7c:1d:1c:b6:b8:fe:3e:b1:b8:de:
37:47:70:1f:82:e1:ff:1e:cc:e8:11:18:45:30:01:
a1:58:d4:09:66:c1:9f:41:e0:6c:a5:8b:53:58:2a:
2d:f9:be:4b:0d:82:af:2d:e5:88:0e:7f:10:9e:fa:
bb:58:83:a4:50:86:21:6c:69:6c:0d:9f:b7:6f:93:
be:36:79:ff:90:85:5b:a6:89:ee:85:e2:69:92:5a:
85:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:08:DE:BB:1F:93:21:9A:7F:59:2C:66:14:32:39:89:5D:25:21:AF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/337DC05E3F1711F1BF375FE8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.185.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:a1:3b:4b:4d:4d:9c:4f:f7:30:08:91:53:e0:d8:bd:fc:2f:
1d:38:b5:b4:57:d7:61:d8:0b:b0:ee:7d:af:a3:09:26:a7:ca:
57:75:31:bd:75:a4:aa:0c:23:20:d0:4a:0d:e0:33:e3:d2:4f:
4a:59:94:e7:34:a3:d9:0a:e2:16:6a:75:8f:d5:c8:74:b7:ef:
2e:6f:7a:7e:9b:57:27:c9:3e:79:35:aa:56:d6:ad:29:ed:97:
3a:f7:80:10:c2:c5:95:9e:c0:89:90:a6:2c:be:3f:aa:ad:78:
cd:ef:86:9c:d1:79:83:0c:9d:b8:7c:41:94:71:52:d0:3c:8f:
73:c1:c9:46:53:c8:11:7a:61:4c:27:45:5a:a8:5e:98:ce:7f:
a9:b8:cf:92:ee:27:29:fa:46:5f:84:85:e8:9e:b3:d3:1c:fe:
fc:ca:1e:ef:09:f3:7f:03:e5:87:c6:98:0e:e8:25:f3:a6:ff:
96:97:ae:c4:d9:c2:9f:69:14:5c:54:ba:c8:e3:ed:6f:b9:34:
af:4a:33:db:c6:c5:2d:77:44:bf:93:8e:a4:5d:64:55:7b:e1:
9e:9b:b4:d3:2a:05:48:bd:0d:fc:d5:c6:bb:c9:60:b4:f6:bd:
20:a7:8a:70:cb:92:42:54:86:4c:95:10:a1:2a:b2:08:28:2a:
c9:4a:13:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcblMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIzMTMyMDI2WhcNMjYwNTI4MTMyMDI2WjAYMRYw
FAYDVQQDEw02OWVhMWM5Zi0zNWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3huTBHMtGU94IMe6aovLxOnX80u5cegfhR1E2sMhRHUyQCtWjULSrzF/
453kyuP3GcuMjuYxB9zuPqztk/wzlnhloqkMUAaL6bfnA2lSawK4YiJDn5fQ+ENi
iMjKkvXI9Z81moEnld4tUhU7KDmncHk9E1KYyrI6G7kZVmRQAtcjlHChZVRyUmb0
Uv8zaeF7DpUiYLUVJJsjAniC0oGyRID39KqPa0oA4nwdHLa4/j6xuN43R3AfguH/
HszoERhFMAGhWNQJZsGfQeBspYtTWCot+b5LDYKvLeWIDn8Qnvq7WIOkUIYhbGls
DZ+3b5O+Nnn/kIVbponuheJpklqFdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMMI
3rsfkyGaf1ksZhQyOYldJSGvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMzdEQzA1RTNGMTcxMUYxQkYzNzVGRThDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsG5MA0GCSqGSIb3DQEB
CwUAA4IBAQDRoTtLTU2cT/cwCJFT4Ni9/C8dOLW0V9dh2Auw7n2vowkmp8pXdTG9
daSqDCMg0EoN4DPj0k9KWZTnNKPZCuIWanWP1ch0t+8ub3p+m1cnyT55NapW1q0p
7Zc694AQwsWVnsCJkKYsvj+qrXjN74ac0XmDDJ24fEGUcVLQPI9zwclGU8gRemFM
J0VaqF6Yzn+puM+S7icp+kZfhIXonrPTHP78yh7vCfN/A+WHxpgO6CXzpv+Wl67E
2cKfaRRcVLrI4+1vuTSvSjPbxsUtd0S/k46kXWRVe+Gem7TTKgVIvQ381ca7yWC0
9r0gp4pwy5JCVIZMlRChKrIIKCrJShOl
-----END CERTIFICATE-----
Generated at Sat May 9 11:01:57 2026 by rpki-client